all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process

Add to bookmarks
Jan. 31, 2023, 10:15 a.m. | msrc

Microsoft Security Response Center msrc-blog.microsoft.com

Summary On December 15th, 2022, Microsoft became aware of a consent phishing campaign involving threat actors fraudulently impersonating legitimate companies when enrolling in the Microsoft Cloud Partner Program (MCPP) (formerly known as Microsoft Partner Network (MPN)). The actor used fraudulent partner accounts to add a verified publisher to OAuth app registrations they created in Azure …

Microsoft Investigation – Threat actor consent phishing campaign abusing the verified publisher process Read More »

abusing accounts actor app aware azure campaign cloud companies consent consent phishing december fraudulent impersonating investigation microsoft microsoft cloud msrc network oauth partner partner program phishing phishing campaign process program publisher registrations threat threat actor threat actors verified verified publisher

Visit resource

More from msrc-blog.microsoft.com / Microsoft Security Response Center

Congratulations to the Top MSRC 2024 Q1 Security Researchers! 1 day, 4 hours ago | msrc-blog.microsoft.com
check chen customers hard +13
Toward greater transparency: Adopting the CWE standard for Microsoft CVEs 1 week, 3 days ago | msrc-blog.microsoft.com
center communities current customers +20
Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team 2 weeks, 2 days ago | msrc-blog.microsoft.com
analysts banking collect curiosity +20
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard 1 month, 1 week ago | msrc-blog.microsoft.com
actions actor attack blizzard +24
Faye’s Journey: From Security PM to Diversity Advocate at Microsoft 1 month, 2 weeks ago | msrc-blog.microsoft.com
career deployment desktop desktops +9
Microsoft boosts its Microsoft 365 Insider Builds on Windows Bounty Program with higher awards and … 1 month, 3 weeks ago | msrc-blog.microsoft.com
award awards bounty bug +16
From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin 1 month, 3 weeks ago | msrc-blog.microsoft.com
adventures cybersecurity dream found +7
An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career … 1 month, 4 weeks ago | msrc-blog.microsoft.com
bruce career college dream +13
New Security Advisory Tab Added to the Microsoft Security Update Guide 2 months ago | msrc-blog.microsoft.com
advisory customers feedback guide +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Engineer

@ Alstom | Charleroi, BE
View on infosec-jobs.com

Member of Compliance, Information Technology

@ Anchorage Digital | United States
View on infosec-jobs.com

Information Security Consultant (GRC) - Cumulus Systems

@ Hitachi | (HIL) DELHI - RHQ
View on infosec-jobs.com

Security Engineer

@ EarnIn | Mexico
View on infosec-jobs.com
View more jobs